CVE-2019-11654

HIGH

Micro Focus Verastream Host Integrator <7.7 SP2 - Path Traversal

Title source: llm
STIX 2.1

Description

Path traversal vulnerability in Micro Focus Verastream Host Integrator (VHI), versions 7.7 SP2 and earlier, The vulnerability allows remote unauthenticated attackers to read arbitrary files.

References (1)

Core 1
Core References
Various Sources x_refsource_confirm
https://support.microfocus.com/kb/doc.php?id=7024061

Scores

CVSS v3 7.5
EPSS 0.0121
EPSS Percentile 79.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-22
Status published
Products (3)
microfocus/verastream_host_integrator 7.5 (2 CPE variants)
microfocus/verastream_host_integrator 7.6 (2 CPE variants)
microfocus/verastream_host_integrator 7.7 (5 CPE variants)
Published Aug 23, 2019
Tracked Since Feb 18, 2026